Phishing

The United States recently accused the Russian government of trying to influence US elections last November, and has expelled 35 Russian diplomatic officials and closed two Russian diplomatic facilities, one in New York City, and the other in Maryland, near Washington DC.

The Russians are denying any direct involvement, of course, and are laying the blame on Russian cyber-criminal groups. But we have discussed ...

This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post. Guess which one this is? I’ve been reading the pundits, and considering my own findings as a cybersecurity professional. I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.

One of the hardest types of phishing emails to defend against are those that come from the email account of a friend or trusted business associate, such as your dentist, lawyer, realtor. The sender’s email address is not spoofed, because the malefactor has tricked them into providing their email address password. The bad guys are actually logged into your friend’s email account, and now they are trying to do the same thing to you.

As we approach year-end, many small and medium sized business owners and managers are coming to the realization that their best intentions for creating a cybersecurity program in their organization have fallen short. This was the year, you promised yourself, that we get a handle on computer and network security.

On Monday we looked at the some of the primary attack vectors used by cyber-criminals. Here are the rest of the attack vectors that Kevin Thompson from FireEye shared at the Cyber Security Summit. Many of these are significant twists on old exploits, or more sophisticated exploits.

On Wednesday we looked at several of the important takeaways from this year’s Cyber Security Summit. Here are a few more.

Small businesses need to stop using public email services such as Gmail, Yahoo, or Hotmail for their business email. User credentials for 500,000 Yahoo email accounts have been stolen, and it could happen to the others. If you have a domain name you are using for a web site, then you should ...

Not trying to be rude here. Phishing has become the most prevalent form of cyber-attack, and the reason for that is that IT WORKS! It works because most people are very trusting and easily convinced, and are clicking on links and opening attachments without much concern. It also works because most people have not been trained how to recognize a potential phishing message, and how to verify if the ...